Windows 10 Worst Secret Spins Out Of Control [Updated]

Update 15/02/2016: Microsoft has dismissed the data on the Voat thread as completely flawed. This supersedes the 'no comment' initially supplied for this story and all parties acknowledge this changes the context from which the original story was written. An apology from Microsoft UK press agency 3MZ can also be found on this follow up story.

Update 13/02/16: discussions with Microsoft are ongoing. An update will be posted to this story following these talks.

Update 11/02/16: while Microsoft has so far declined to give feedback on the data here, the Voat thread's results are being disputed with the argument that Microsoft is responsible for only a small portion of the data tracking that is claimed. In fact the original thread post has now been deleted but the thread continues with heated arguments back and forth over the data.

Where there is consensus is Windows 10 does indeed still submit telemetry data to its servers without making that immediately clear to users who have disabled all accessible telemetry options. What is disputed is the amount.

---

Back in November Microsoft confirmed Windows 10’s worst kept secret: its extensive telemetry (or ‘spying’ as it has been labelled) cannot be stopped. What no-one realised until now, however, was potentially the extent of it…

Providing a shock is Voat user CheesusCrust whose extensive investigation claims Windows 10 contacts Microsoft to report data thousands of times per day. And the kicker? It is said to happen even after choosing a custom Windows 10 installation and disabling all three pages of tracking options which are all enabled by default.

The raw numbers presented come out as follows: over an eight hour period Windows 10 tried to send data back to 51 different Microsoft IP addresses over 5500 times. After 30 hours of use, Windows 10 expanded that data reporting to 113 non-private IP addresses. Being non-private means there is the potential for hackers to intercept this data.

Taking this a step further, the testing was then repeated on another Windows 10 clean installation again with all data tracking options disabled and third party tool DisableWinTracking was also installed which tries to shut down all hidden Windows 10 data reporting attempts. At the end of the 30 hour period he argues Windows 10 had still managed to phone home with data 2758 times to 30 different IP addresses.

The full tabulated results have been broken down and scrutinised by software specialist site gHacks.

A further interesting fact is these tests were said to be conducted using Windows 10 Enterprise Edition - the version of Windows 10 with the most granular level of user control and far more than the standard Windows 10 Home edition used by most consumers. All of which the tests argue this controversial data tracking simply cannot be stopped.

What To Make Of This

The obvious first reaction to this might be to panic and scream about class action lawsuits, but it’s a little more complicated than that.

Firstly the Windows 10 EULA (end user licence agreement) which very few users ever read, gives Microsoft full legal rights to do this. Secondly Microsoft has made several attempts to stress that the telemetry and data tracking aspects to Windows 10 are essential to its ongoing maintenance and improvement.

Speaking in November, Microsoft Corporate Vice President Joe Belfiore argued: “In the cases where we’ve not provided options [to disable tracking], we feel that those things have to do with the health of the system...In the case of knowing that our system that we’ve created is crashing, or is having serious performance problems, we view that as so helpful to the ecosystem and so not an issue of personal privacy, that today we collect that data so that we make that experience better for everyone.”

Microsoft is leaving users with little to no choice about upgrading to Windows 10, but what will they find there? Image credit: ComputerWorld

He also stressed: “We’re going to continue to listen to what the broad public says about these decisions, and ultimately our goal is to balance the right thing happening for the most people – really, for everyone – with the complexity that comes with putting in a whole lot of control.”

And yes, of course, the problem here is one of scale. For most users essential “health of the system” will not tally with Windows 10 making thousands of data connections every day to over 100 Microsoft IP addresses, if the tests are correct. And, more to the point, even if all this data sharing is somehow vital then Microsoft has currently made no attempt to explain why or divulge the processes at play.

With this in mind I contacted Microsoft with the full data results, asked it to explain or dismiss the findings and held back on publishing until the company had the chance for a full right of reply. All this meant the story itself published a number of days behind other sites. The response was worryingly predictable: “I’m afraid we are not able to provide a comment on this.”

This is the same response I’ve to Windows 8 support cuts, Windows 10 future pricing and lifecycle support as well as data tracking. In fact this is the same response the company gives to almost any question relating to disclosure of how its operating systems are being run. It’s a notable change in policy from the openness of Microsoft in the past and makes the comment this week from Mark Wilson at BetaNews (the site which broke the story on February 6th) all the more pertinent:

“With Microsoft facing unprecedented levels of criticism for its lack of transparency over spying components, these findings will serve only to add fuel to the fire.”

Yes, this is the issue in a nutshell - yet again.

Note: It is important to state Microsoft is far from alone in using telemetry from user operating systems, most notably
Google has done this openly for years as has Apple. Historically Microsoft has attacked the practice of collecting too much data and ran a two year global marketing campaign 'Scroogled', which lambasted Google for what was claimed to be extreme tracking in its products and services. Scroogled ran from 2012 to 2014.

I am an experienced freelance technology journalist. I have written for Wired, The Next Web, TrustedReviews, The Guardian and the BBC in addition to Forbes. I began in b2b print journalism covering tech companies at the height of the dot com boom and switched to covering con...